I had in mind to create a cloud function that let a user read some of the user infos of another user under certaine conditions.
For example:
const user1 = ??? // user1 is the current user
const user1Data = await firestore().collection('Users').doc('user1.uid').get()
const user2 = ??? // user2 is the user whith user2.uid == user1Data.partnerUid
const user2Data = await firestore().collection('Users').doc('user2.uid').get()
if (user1Data.partnerEmail == user2.email && user1Data.partnerEmail == user2.email) {
// ...
// the endpoint deliver some of the user2 data to user1.
// ...
}
I have seen the documentation of Cloud functions:
https://firebase.google.com/docs/reference/functions/providers_auth_
I have seen that with the admin API we can call getUser:
admin.auth().getUser(uid)
The difference between functions.auth() and admin.auth() is not clear for me. Can we call admin within cloud functions ?
The difference between functions.auth() and admin.auth() is not clear for me.
When you import functions from firebase-functions, all that gets you is an SDK used for building the definition of functions for deployment. It doesn't do anything else. You can't access user data using functions.
When you import admin from firebase-admin, that gives you access to the Firebase Admin SDK that can actually manage user data in Firebase Authentication. You will want to use this to look up and modify users as needed, and it works just fine when running code in Cloud Functions.
The difference between functions.auth() and admin.auth() is not clear for me. Can we call admin within cloud functions ?
Basically functions.auth(), will let you trigger Cloud Functions in response to the creation and deletion of Firebase user accounts. For example, you could send a welcome email to a user who has just created an account in your app:
exports.sendWelcomeEmail = functions.auth.user().onCreate((user) => {
// ...
});
functions.auth() is from the cloud function package:
// The Cloud Functions for Firebase SDK to create Cloud Functions and setup triggers.
const functions = require('firebase-functions');
Using the above package you can preform firestore, database or auth triggers that will run in response to creating data in the database or creating a new user...
// The Firebase Admin SDK to access Cloud Firestore.
const admin = require('firebase-admin');
admin.initializeApp();
The firebase admin sdk is used to access the database from privileged environments example inside cloud functions.
Check the following links:
https://firebase.google.com/docs/functions/use-cases
https://firebase.google.com/docs/functions/auth-events
https://firebase.google.com/docs/admin/setup
https://firebase.google.com/docs/functions/auth-events
Related
I am trying to add Custom roles to my user in my Flutter app. I saw some tutorials which uses Cloud functions to assign roles to user using Node js language(not dart) script because one should not assign customRoles from the frontEnd side of app.
const functions = require('firebase-functions');
const admin = require('firebase-admin');
admin.initializeApp();
exports.addAdminRole = function.https.onCall((data,context) => {
return admin.auth.getUserByEmail(data.email).then(user => {
return admin.auth().setCustomUserClaims(user.uid,{
admin: true
})
})
})
But as I am okay with the risks and I can't use this js code so I want to know that is there any way to setCustomRoles in dart(flutter) language ?
The ability to set custom claims for a user is only available in our SDKs for trusted environments, such as the Admin SDK for Node.js that used in the code in your question.
This functionality is not available in the client-side SDK by design, as it'd be a huge security risk to allow this. While you may think this is acceptable, the client-side SDKs will not help you going down this path.
The only way to do this from a Flutter app, is to create a Cloud Function like the one you have, and call that from your Flutter code. This also then gives you a chance to secure the operation in Cloud Functions by checking if the user is authorized to add the claim to their account.
I'm starting deep on Firebase Security Rules and I'm following the Firebase Security Rules docs, but this document just says about Realtime Database, Cloud Firestore, and Cloud Storage options. There is a way to use Firebase Authentication to protect an invoke of a Google Cloud Function from Client-Side?
I'm trying to use a GC Function as a backend to access the Cloud SQL from a Web Application.
Cloud Functions generally use Admin SDK (or service accounts, application default credentials to access any other services like Cloud SQL) which has complete access to your Firebase project's resources and also bypasses all security rules. That being said you would have to authorize requests yourself. For example, if you are using onCall function:
export const fnName = functions.https.onCall((data, context) => {
const { auth } = context
if (!auth) console.log('User not logged in')
const { uid } = auth;
// UID of user who called the function
// Check if user has access to requested resource
// process request
})
If the caller of function is not authenticated, then context.auth will be undefined.
If your question is if you can prevent the invocation of function at first place, then there's currently no way to do so. You can use Firebase App Check to ensure the function is called from your registered application only.
I'm trying to integrate Stripe with Firebase as a backend.
I need to create stripe customer when new user signs up to my app.
for that I wrote 1 cloud function which will execute when new user created by Firebase Auth.
but in that function I'm getting Firebase auth's user.
from that I need to update my collection's document which is created for that user. (I'm storing Auth user's uid in my collection's document).
but somehow Firebase cloud function is not updating it.
Here is my Cloud function for same.
// When a user is created, register them with Stripe
exports.createStripeCustomer = functions.auth.user().onCreate(async (user) => {
const customer = await stripe.customers.create({email: user.email});
return admin.firestore().collection('fl_users').doc(user.uid).set({customer_id: customer.id});
});
I don't know what need to update how. Can you please help me to solve my problem?
I'm learning to use the cloud functions and may create user with the method admin.auth().createUser, but now i would like make a sign up with account the google
I tried use admin.auth().GoogleAuthProvider() but tells me that propiety GoogleAuthProvider() not exist
It's not always possible use admin sdk. For example, I'm working with Google Actions and I've resolved with firebase dependencies (npm i --save firebase).
https://firebase.google.com/docs/auth/web/google-signin?hl=es-419
async function createUser(token: string) {
// Build Firebase credential with the Google ID token.
const credential = firebase.auth.GoogleAuthProvider.credential(token);
const userCredential = await firebase.auth().signInWithCredential(credential);
}
Is it possible to trigger a Cloud Function when the user uninstalls the app, so that we can clean up the anonymous user realtime database entry?
You can detect app uninstall for Android as an automatically collected Analytics event called app_remove. Then you could trigger a Cloud Function to run when that event occurs. You would also need to use the Firebase Admin SDK to access the database. Check out some of the Cloud Functions for Firebase GitHub samples to see examples of using Analytics triggers and using the Admin SDK. The function could work something like this:
exports.appUninstall = functions.analytics.event('app_remove').onLog(event => {
const user = event.user; // structure of event was changed
const uid = user.userId; // The user ID set via the setUserId API.
// add code for removing data
});